no write permissions
email@example.com (Trevor Cordes)
Tue Mar 27 22:47:06 2001
I need my CGI to encrypt some data with my public key. I
don't want the CGI (user apache, group apache) to require
write permissions on ANY file in order to do the encryption,
as I don't want any old CGI process to corrupt my files.
I was using pgp2.6.3 and that always required randseed.bin
to be writable.
I switched to gpg1.0.4 thinking that --no-random-seed-file
would do the trick. But after experimenting it seems that
instead trustdb.gpg needs to be writable no matter what!
That's simply trading between two evils!
Is there a way I can invoke gpg so that it will work with
NO write perms on ANY files or directories?
Here's what my command line looks like now:
gpg -ea -z9 -r'Web Site Name' --always-trust --lock-never --batch